"Fossies" - the Fresh Open Source Software Archive

Member "scanlogd-2.2.8/scanlogd.spec" (10 Mar 2021, 4609 Bytes) of package /linux/misc/scanlogd-2.2.8.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) RPM Spec source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "scanlogd.spec": 2.2.7_vs_2.2.8.

    1 Summary: A tool to detect and log TCP port scans.
    2 Name: scanlogd
    3 Version: 2.2.8
    4 Release: owl1
    5 License: BSD-compatible
    6 Group: System Environment/Daemons
    7 URL: http://www.openwall.com/scanlogd/
    8 Source: ftp://ftp.openwall.com/pub/projects/scanlogd/scanlogd-%version.tar.gz
    9 Requires(post,preun): chkconfig, grep, shadow-utils
   10 BuildRoot: /override/%name-%version
   11 
   12 %description
   13 scanlogd detects port scans and writes one line per scan via the syslog(3)
   14 mechanism.  If a source address sends multiple packets to different ports
   15 in a short time, the event will be logged.
   16 
   17 %prep
   18 %setup -q
   19 
   20 %build
   21 %__make linux CFLAGS="-Wall %optflags"
   22 
   23 %install
   24 rm -rf %buildroot
   25 mkdir -p %buildroot{%_sbindir,%_mandir/man8,/etc/rc.d/init.d}
   26 
   27 install -m 700 scanlogd %buildroot%_sbindir/
   28 install -m 644 scanlogd.8 %buildroot%_mandir/man8/
   29 install -m 700 scanlogd.init %buildroot/etc/rc.d/init.d/scanlogd
   30 
   31 %pre
   32 grep -q ^scanlogd: /etc/group || groupadd -g 199 scanlogd
   33 grep -q ^scanlogd: /etc/passwd ||
   34     useradd -g scanlogd -u 199 -d / -s /bin/false -M scanlogd
   35 rm -f /var/run/scanlogd.restart
   36 if [ $1 -ge 2 ]; then
   37     /etc/rc.d/init.d/scanlogd status && touch /var/run/scanlogd.restart || :
   38     /etc/rc.d/init.d/scanlogd stop || :
   39 fi
   40 
   41 %post
   42 /sbin/chkconfig --add scanlogd
   43 test -f /var/run/scanlogd.restart && /etc/rc.d/init.d/scanlogd start || :
   44 rm -f /var/run/scanlogd.restart
   45 
   46 %preun
   47 if [ $1 -eq 0 ]; then
   48     /etc/rc.d/init.d/scanlogd stop || :
   49     /sbin/chkconfig --del scanlogd
   50 fi
   51 
   52 %files
   53 %defattr(-,root,root)
   54 %doc LICENSE README.md
   55 %_sbindir/scanlogd
   56 %_mandir/man8/scanlogd.8*
   57 %config /etc/rc.d/init.d/scanlogd
   58 
   59 %changelog
   60 * Wed Mar 10 2021 Solar Designer <solar-at-owl.openwall.com> 2.2.8-owl1
   61 - Define _DEFAULT_SOURCE for new glibc, keep _BSD_SOURCE for old glibc
   62 - Clarify that SCANLOGD_CHROOT directory must be root-owned
   63 - Add README.md based on man page
   64 
   65 * Mon Jun 30 2014 (galaxyMaster) <galaxy-at-owl.openwall.com> 2.2.7-owl2
   66 - Replaced the deprecated PreReq tag with Requires(post,preun).
   67 
   68 * Wed Aug 15 2012 Solar Designer <solar-at-owl.openwall.com> 2.2.7-owl1
   69 - Fixed an off-by-one bug in the safety check against SCAN_MAX_COUNT.  In
   70 properly configured builds of scanlogd, SCAN_WEIGHT_THRESHOLD is such that it's
   71 always hit before SCAN_MAX_COUNT would be hit, so this bug did not matter for
   72 those.  However, other projects reusing this code could make these settings
   73 runtime (mis)configurable, thereby exposing the bug.  Luckily, in scanlogd
   74 itself, if it is misconfigured like this, a port number written right beyond
   75 the array limit would overwrite relatively unimportant data only (part of the
   76 same struct), which could be directly provided/spoofed by the remote system
   77 anyway.  However, in other projects reusing code from scanlogd this could be
   78 different.  Thanks to Florian Westphal for reporting this bug.
   79 - Switched to heavily cut-down BSD license.
   80 
   81 * Sun Mar 05 2006 Solar Designer <solar-at-owl.openwall.com> 2.2.6-owl1
   82 - Use sysconf(_SC_CLK_TCK) instead of CLK_TCK when _SC_CLK_TCK is known to be
   83 available or CLK_TCK is not.
   84 
   85 * Thu Jun 10 2004 Solar Designer <solar-at-owl.openwall.com> 2.2.5-owl1
   86 - Dropped the cleanup() stuff because it was not async-signal-safe and
   87 to implement it properly would depend on pcap_breakloop() and on a
   88 non-existent(?) equivalent for it with libnids; this code was only used
   89 when running as root which is something to not do anyway.
   90 
   91 * Thu Jun 03 2004 Solar Designer <solar-at-owl.openwall.com> 2.2.4-owl1
   92 - Detach from the tty by opening /dev/null on fd 0, 1, 2.
   93 
   94 * Wed Jun 02 2004 Solar Designer <solar-at-owl.openwall.com> 2.2.3-owl1
   95 - When built with libnids or direct libpcap support, use Pavel Kankovsky's
   96 smart pcap expression, with a minor enhancement.
   97 - Explained "any" and "all" magic device names in a comment in params.h.
   98 - Dropped the rlog stuff; librlog was never released.
   99 - chroot to /var/empty.
  100 - Do register scanlogd with chkconfig, but don't enable it for any runlevels
  101 by default.
  102 - Moved this spec file and the init script to under scanlogd/ to include
  103 them in the non-Owl-specific distribution of scanlogd.
  104 
  105 * Sun May 23 2004 Solar Designer <solar-at-owl.openwall.com> 2.2.2-owl1
  106 - #include <stdlib.h> for exit(3) (apparently this is actually needed on
  107 FreeBSD).
  108 - Obfuscated e-mail addresses in the man page and sources.
  109 
  110 * Wed May 08 2002 Solar Designer <solar-at-owl.openwall.com> 2.2.1-owl1
  111 - Start after syslogd.
  112 - Don't abuse glibc-internal __feature macros.
  113 
  114 * Wed Feb 06 2002 Solar Designer <solar-at-owl.openwall.com>
  115 - Enforce our new spec file conventions.
  116 
  117 * Thu Jul 12 2001 Solar Designer <solar-at-owl.openwall.com>
  118 - Packaged scanlogd for Owl.